Documente Academic
Documente Profesional
Documente Cultură
Automated :
Public :
Made by Machine
Universally Known
Contents
Introduction History The Need of CAPTCHA Basic Terminologies Earlier CAPTCHAs How does a CAPTCHA work? Types of CAPTCHA Implementation of CAPTCHA Can CAPTCHA be broken? CAPTCHA Guidelines Applications Benefits of CAPTCHA Limitations of CAPTCHA Conclusion
Introduction
A CAPTCHA is a type of Challenge-response test used in computing as an attempt to ensure that the response is generated by a person or by some other Computer.
It is needed because activities such as online commerce transactions, search engine submissions, Web polls, Web registrations, free e-mail service registration and other automated services are subject to software programs, or bots.
CAPTCHA : History
1997: Andrei Broder at AltaVista wanted to prevent bots from automatically submitting sites for indexing.
He decided to add a test to the submission page. He reversed Brother scanner OCR optimization techniques.
2000: Luis von Ahn, Manuel Blum & John Langford at CMU trademarked CAPTCHA.
Yahoo partnered CMU to counter these threats in Messenger chat service.
MIT finished with 21156 votes and Carnegie Mellon Finished with 21032 votes.
All other schools finished with less than 1000 votes. Proved that online polls could not be trusted unless they ensured that only humans could vote. In September 2000, Yahoo! reported that bots were entering their online chat rooms & pointing legitimate users to advertising sites.
CAPTCHA : Terminologies
Bots
Turing Test
Terminologies : BOTS
A bot is a software program on the Internet. It is a software agent that interact with other network services intended for people as if it was a real person. Types of Bot :1.Voting Bots 2.Email Account Registration Bots
Terminologies :
What is SPAM ?
Spamming is the act of sending unwanted electronic messages in bulk. In the popular eye, the most common form of spam is that delivered in e-mail as a form of commercial advertising. Sending bulk messages in this fashion, to recipients who have not desired them, has come to be known as spamming, and the messages themselves as spam.
CAPTCHA :
Printed CAPTCHA
CAPTCHA :
BONGO
1. A visual recognition problem. 2. Two sets of shapes with a distinguishing characteristic. 3. Must choose which set the shape belongs to.
PIX
A database of labeled images of recognizable objects Randomly chooses an object and displays N pictures of it.
Gimpy CAPTCHA
Gimpy CAPTCHA :
Designed by Yahoo and CMU. Picks up 10 random words from dictionary and distorts, fills with noise. User has to recognize at least 3 words. If user is correct, he is admitted. Below is a Example of Gimpy.
CAPTCHA :
CAPTCHA :
CAPTCHA :
CAPTCHA :
CAPTCHA :
CAPTCHA :
Implementation
There are two basic Implementation of CAPTCHA for a Website or Web Forum.
1. Embeddable CAPTCHAs : The easiest implementation of a
CAPTCHA to a Website would be to insert a few lines of CAPTCHA code into the Websites HTML code, from an open source CAPTCHA builder, which will provide the authentication services remotely. Most such services are free. Popular among them is the service provided by www.captcha.net s reCAPTCHA project.
CAPTCHA :
The answer to this question is: YES! Given enough effort, absolutely every CAPTCHA algorithm can be broken.
Breaking A CAPTCHA
CAPTCHA :
A very Popular method used for breaking a CAPTCHA is OCR(Optical Character Recognition). Most text based CAPTCHAs have been broken by software Computer Character Recognition. Other CAPTCHAs were broken by screaming the tests for unsuspecting users to solve.
Breaking A CAPTCHA :
A number of research projects have attempted (often with success) to beat visual CAPTCHAs by creating programs that contain the following functionality:
Segmentation
Splitting the image into regions which contain a single character. Complex and computationally expensive.
Character Recognition
OCR software used to identify the characters
CAPTCHA :
Image Security
Images must be secure enough to prevent OCR-based attacks. Random and thorough distortion techniques.
Script Security
Programs must be secure as well. Passwords passed in encrypted text. Destroy sessions after a CAPTCHA is solved.
CAPTCHA :
Applications Of CAPTCHA
CAPTCHA :
1. 2. 3. 4. 5. 6. 7. 8. 9.
Online Polls Protecting Web Registration: Preventing comment spam Search engine bots E-Ticketing Email spam Preventing Dictionary Attacks As a tool to verify digitized books Improve Artificial Intelligence (AI) technology
Benefits of CAPTCHA
CAPTCHA :
Using a CAPTCHA significantly narrows the number of potential attackers on your website. CAPTCHA images ensure that not every beginner hacker can attack your web forms.
You can always change the algorithm used if the previous one is broken. It's highly unlikely that a hacker will spend his entire time trying to break new algorithms as you change them.
Limitations of CAPTCHA
CAPTCHA :
CAPTCHA is not 100% solution for all the problems like BOTs and Spams. CAPTCHA can be broken. 1. Using Computer Character Recognition software. 2. Using cheap human labor to process the test.
CAPTCHA :
Conclusion
As with all security solutions, risk can only be decreased, but there is no such thing as a single security measure that is 100% safe. But the presence of a CAPTCHA is always necessary when you need to enhance the stability and security of any web service or application. So a CAPTCHA is a technique that can generate and grade that : A human can pass very easily but its not so easy for any computer or software program.
! QUERIES !